Fix user tests since rebase (invalid users are now rejected), add lic…

…ense headers
gravitational · Jul 16, 2022 · f5d23e4 · f5d23e4
1 parent c61ce1c
commit f5d23e4
Show file tree

Hide file tree

Showing 5 changed files with 80 additions and 15 deletions.
diff --git a/operator/controllers/resources/role_controller_test.go b/operator/controllers/resources/role_controller_test.go
@@ -18,6 +18,7 @@ package resources
 
 import (
 	"context"
+	"github.com/gravitational/teleport/lib/auth"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -143,19 +144,7 @@ func TestRoleUpdate(t *testing.T) {
 	}, &r)
 	require.True(t, kerrors.IsNotFound(err))
 
-	// The role is created in Teleport
-	tRole, err := types.NewRole(roleName, types.RoleSpecV5{
-		Allow: types.RoleConditions{
-			Logins: []string{"a", "b"},
-		},
-	})
-	require.NoError(t, err)
-	metadata := tRole.GetMetadata()
-	metadata.Labels = map[string]string{types.OriginLabel: types.OriginKubernetes}
-	tRole.SetMetadata(metadata)
-
-	err = tClient.UpsertRole(ctx, tRole)
-	require.NoError(t, err)
+	err = teleportCreateDummyRole(t, roleName, tClient, ctx)
 
 	// The role is created in K8S
 	k8sRole := resourcesv5.TeleportRole{
@@ -202,6 +191,23 @@ func TestRoleUpdate(t *testing.T) {
 	})
 }
 
+func teleportCreateDummyRole(t *testing.T, roleName string, tClient auth.ClientI, ctx context.Context) error {
+	// The role is created in Teleport
+	tRole, err := types.NewRole(roleName, types.RoleSpecV5{
+		Allow: types.RoleConditions{
+			Logins: []string{"a", "b"},
+		},
+	})
+	require.NoError(t, err)
+	metadata := tRole.GetMetadata()
+	metadata.Labels = map[string]string{types.OriginLabel: types.OriginKubernetes}
+	tRole.SetMetadata(metadata)
+
+	err = tClient.UpsertRole(ctx, tRole)
+	require.NoError(t, err)
+	return err
+}
+
 func k8sCreateDummyRole(ctx context.Context, t *testing.T, kc kclient.Client, namespace, roleName string) {
 	role := resourcesv5.TeleportRole{
 		ObjectMeta: metav1.ObjectMeta{

diff --git a/operator/controllers/resources/user_controller_test.go b/operator/controllers/resources/user_controller_test.go
@@ -44,6 +44,8 @@ func TestUserCreation(t *testing.T) {
 	ns := createNamespaceForTest(t, k8sClient)
 	userName := validRandomResourceName("user-")
 
+	teleportCreateDummyRole(t, "a", tClient, ctx)
+	teleportCreateDummyRole(t, "b", tClient, ctx)
 	// The user is created in K8S
 	k8sCreateDummyUser(ctx, t, k8sClient, ns.Name, userName)
 
@@ -84,6 +86,9 @@ func TestUserDeletionDrift(t *testing.T) {
 	ns := createNamespaceForTest(t, k8sClient)
 	userName := validRandomResourceName("user-")
 
+	teleportCreateDummyRole(t, "a", tClient, ctx)
+	teleportCreateDummyRole(t, "b", tClient, ctx)
+
 	// The user is created in K8S
 	k8sCreateDummyUser(ctx, t, k8sClient, ns.Name, userName)
 
@@ -132,6 +137,12 @@ func TestUserUpdate(t *testing.T) {
 	tClient := clientForTeleport(t, teleportServer, operatorName)
 	k8sClient := startKubernetesOperator(t, tClient)
 
+	teleportCreateDummyRole(t, "a", tClient, ctx)
+	teleportCreateDummyRole(t, "b", tClient, ctx)
+	teleportCreateDummyRole(t, "x", tClient, ctx)
+	teleportCreateDummyRole(t, "y", tClient, ctx)
+	teleportCreateDummyRole(t, "z", tClient, ctx)
+
 	ns := createNamespaceForTest(t, k8sClient)
 	userName := validRandomResourceName("user-")
 
@@ -183,7 +194,7 @@ func TestUserUpdate(t *testing.T) {
 	}, &k8sUserNewVersion)
 	require.NoError(t, err)
 
-	k8sUserNewVersion.Spec.Roles = append(k8sUserNewVersion.Spec.Roles, "admin", "root")
+	k8sUserNewVersion.Spec.Roles = append(k8sUserNewVersion.Spec.Roles, "y")
 	err = k8sClient.Update(ctx, &k8sUserNewVersion)
 	require.NoError(t, err)
 
@@ -193,7 +204,7 @@ func TestUserUpdate(t *testing.T) {
 		require.NoError(t, err)
 
 		// TeleportUser updated with new roles
-		return assert.ElementsMatch(t, tUser.GetRoles(), []string{"x", "z", "admin", "root"})
+		return assert.ElementsMatch(t, tUser.GetRoles(), []string{"x", "z", "y"})
 	})
 }
 

diff --git a/operator/controllers/resources/utils.go b/operator/controllers/resources/utils.go
@@ -1,3 +1,19 @@
+/*
+Copyright 2022 Gravitational, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
 package resources
 
 import (

diff --git a/operator/controllers/resources/utils_test.go b/operator/controllers/resources/utils_test.go
@@ -1,3 +1,19 @@
+/*
+Copyright 2022 Gravitational, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
 package resources
 
 import (

diff --git a/operator/sidecar/tbot.go b/operator/sidecar/tbot.go
@@ -1,3 +1,19 @@
+/*
+Copyright 2022 Gravitational, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
 package sidecar
 
 import (